Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
File: d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa (raw, json)
Hash identifier: 0FNpUTMGmMuvZoeM4CjkipOAZTil+jYKUVN22OFnJDM=
Subject key identifier: 88:6D:59:4D:9A:67:EF:60:54:50:D2:7E:8C:31:14:2C:E1:B9:ED:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 16536F7F3E99E84029D5CAB1489DB70B4135091E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
Signing time: Tue 20 May 2025 18:31:36 +0000
ROA not before: Tue 20 May 2025 18:31:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:9040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:53:6f:7f:3e:99:e8:40:29:d5:ca:b1:48:9d:b7:0b:41:35:09:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:31:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=289cde466a16bc1d4dd7e45d2c8e0b6a22becdcb911fb3e5d48d8d1b024418b3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:98:9b:96:9d:9f:38:06:ed:fa:0c:97:2c:df:
31:d3:4e:2d:6e:5f:1f:ed:ed:26:56:5a:42:38:a2:
b4:51:6c:8a:bd:47:4f:66:0d:28:95:af:4b:eb:0e:
6b:c5:83:ac:ee:ce:17:9b:54:b1:cc:e3:22:0e:c7:
bc:0b:be:62:fe:5b:41:11:88:63:2d:23:bb:41:51:
9d:dd:fb:83:5b:cf:cb:9b:31:94:47:a2:30:98:aa:
e2:c0:58:14:b9:da:c8:30:d8:f6:1b:f5:e0:d4:68:
37:da:77:ae:d9:5f:b1:ec:58:40:83:a0:93:ae:b0:
9a:ae:e7:ef:cf:90:c2:55:6f:79:8f:df:e6:fb:8b:
ac:0b:ce:c9:b0:49:df:94:41:e5:a4:3b:01:aa:c9:
a5:43:39:43:2c:16:af:b2:b8:b9:a2:49:14:9a:03:
53:cd:78:77:d4:2c:3e:5f:50:a6:ca:f2:5b:08:f1:
07:59:e8:de:46:ea:fc:e9:07:71:3a:5c:14:c5:15:
f2:06:41:dc:73:0f:2b:72:78:28:2f:7a:82:5a:4a:
67:22:06:86:98:09:7d:67:7a:48:9b:5b:2a:d4:8f:
a5:2c:55:f1:68:c5:b3:16:eb:61:56:dd:1a:2c:dc:
5e:07:ba:1d:98:3d:e4:e9:71:b3:09:7d:00:cb:71:
f6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6D:59:4D:9A:67:EF:60:54:50:D2:7E:8C:31:14:2C:E1:B9:ED:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d4797699-eef4-401b-a6e7-1f5cf1f3e7de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:9040::/48
Signature Algorithm: sha256WithRSAEncryption
c8:66:ca:a6:f8:30:29:10:de:3a:be:3f:4e:9e:5d:eb:30:6f:
79:6f:61:a3:cc:44:93:21:bd:e3:11:6b:58:ad:f6:0d:42:08:
37:86:5c:ae:e3:13:f5:c7:9a:62:c1:f7:92:b4:e3:64:21:04:
9a:d8:b6:0a:b5:8f:d1:b9:ce:bc:d4:82:79:00:3d:f7:1f:68:
18:db:13:32:01:32:83:38:3f:fb:f2:c6:ae:23:0c:03:ac:2c:
d4:9a:b9:1e:fd:43:55:af:c8:92:8d:05:1f:66:05:f1:08:0a:
a8:49:06:d2:8d:4c:89:ed:21:40:1f:bd:20:f7:bb:a7:34:e4:
36:7f:29:8e:66:66:e3:e7:ad:72:b5:79:7c:e3:e0:bf:93:a2:
c4:a1:70:f6:a1:64:c7:c6:df:f4:17:41:7f:fe:fd:2f:97:ae:
d7:c2:0d:9d:ea:64:a9:af:f2:62:93:c6:1b:b6:64:94:2c:6e:
2b:2e:be:5e:f5:71:83:6b:44:52:65:4c:50:98:91:18:77:d3:
42:eb:5e:da:4c:c4:f8:ff:b8:6c:28:fb:09:f1:c1:c7:08:9f:
7d:7b:37:80:fb:38:ad:12:47:b3:80:a2:9f:af:34:8f:b5:e1:
0a:15:b0:63:16:f9:b4:ac:31:8c:90:7c:53:d1:7a:5c:a7:f5:
35:52:42:23
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUFlNvfz6Z6EAp1cqxSJ23C0E1CR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODMxMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4OWNkZTQ2NmExNmJjMWQ0ZGQ3ZTQ1ZDJjOGUwYjZhMjJiZWNkY2I5MTFm
YjNlNWQ0OGQ4ZDFiMDI0NDE4YjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOYm5adnzgG7foMlyzfMdNOLW5fH+3tJlZaQjiitFFsir1HT2YNKJWvS+sO
a8WDrO7OF5tUsczjIg7HvAu+Yv5bQRGIYy0ju0FRnd37g1vPy5sxlEeiMJiq4sBY
FLnayDDY9hv14NRoN9p3rtlfsexYQIOgk66wmq7n78+QwlVveY/f5vuLrAvOybBJ
35RB5aQ7AarJpUM5QywWr7K4uaJJFJoDU814d9QsPl9QpsryWwjxB1no3kbq/OkH
cTpcFMUV8gZB3HMPK3J4KC96glpKZyIGhpgJfWd6SJtbKtSPpSxV8WjFsxbrYVbd
GizcXge6HZg95Olxswl9AMtx9r8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSIbVlN
mmfvYFRQ0n6MMRQs4bntwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDQ3OTc2OTktZWVmNC00MDFiLWE2ZTctMWY1Y2YxZjNlN2RlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAyGbKpvgwKRDeOr4/Tp5d6zBveW9ho8xEkyG9
4xFrWK32DUIIN4ZcruMT9ceaYsH3krTjZCEEmti2CrWP0bnOvNSCeQA99x9oGNsT
MgEygzg/+/LGriMMA6ws1Jq5Hv1DVa/Iko0FH2YF8QgKqEkG0o1Mie0hQB+9IPe7
pzTkNn8pjmZm4+etcrV5fOPgv5OixKFw9qFkx8bf9BdBf/79L5eu18INnepkqa/y
YpPGG7ZklCxuKy6+XvVxg2tEUmVMUJiRGHfTQute2kzE+P+4bCj7CfHBxwiffXs3
gPs4rRJHs4Cin680j7XhChWwYxb5tKwxjJB8U9F6XKf1NVJCIw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:10 2025 by rpki-client